<?php
include '../include/functions.php';
//set session save path
  session_save_path("../$session_path");
  // Initialize a session. 
  session_start(  );
            //session_destroy();             
  $count++;                         
  $sessionId = session_id();
//Connect To Database
dbConnect();
if($userID != "")
{
	$SQL = "SELECT Username FROM Users WHERE ID=$userID";
	$result = mysql_query($SQL) or die("Cannot query the database.<br>" . mysql_error());
	$myrow = mysql_fetch_array($result);
	$username = $myrow["Username"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//Dtd html 4.01 Transitional//EN"
"http://www.w3.org/tr/html4/loose.dtd">
<html>
  <head>
    <title>JoshHughes.com Hockey Pool</title>
	<link rel="stylesheet" href="http://hockey.joshhughes.com/css/hockey.css" type="text/css">
    <script src="http://hockey.joshhughes.com/scripts/prototype.js" type="text/javascript"></script>
	<script src="http://hockey.joshhughes.com/scripts/scriptaculous.js" type="text/javascript"></script>
	<script src="http://hockey/joshhughes.com/scripts/hockey.js" type="text/javascript"></script>  </head>
<body>
<div id="pagewidth" >
	<div id="header" >
	
		<?PHP include_once("../layout/header.html"); ?>
		
	</div>
			<div id="wrapper" class="clearfix" > 
			<div id="maincol" >

			<?php

					$js="function smilie(emote) {\n document.reply.comments.value += emote;\n document.reply.comments.focus();\n}\n";
					require_once("config.inc.php");
					require_once("mysql.php");
					require_once("tags.php");
					require_once("censorship.php");
					if (isset($_POST['comments'])) {
					  $comments=strip_tags($_POST[comments],$allowedtags);
					  foreach ($banlist as $word) {
						$count=strlen($word);
						$i=0;
						while ($i < $count) {
						  $replace .= "*";
						  $i++;
						}
						$comments=str_replace($word,$replace,$comments);
						unset($replace,$count);
					  }
					  $sql="UPDATE tinybb_posts SET text='$comments' WHERE id='$_POST[id]'";
					  mysql_query($sql);					  
					?>
					<SCRIPT LANGUAGE="JavaScript">window.location="topic.php?id=<?= $_POST[topicid]; ?>";</script>
					<?
					}
					require_once("headers.php");
					$moderaters=array($tinybb_moderators);
					if (in_array($username,$moderaters)) {
					  if (isset($_GET['id'])) {
						$sql="SELECT * FROM tinybb_posts WHERE id='$_GET[id]'";
						$result=mysql_query($sql);
						while ($row = mysql_fetch_array($result)) {
						  $comments=$row[text];
						  $topicid=$row[topicid];
						  echo "<a href=\"topic.php?id=$row[topicid]\" class=\"permLink\">Back To Topic Home</a><br/><form name=\"reply\" action=\"edit_mod.php\" method=\"post\">
						<p>As a moderator, you can edit the following message.</p>
						<p>
							<b class=\"nonpost\"><label for=\"comments\">Edit a message:</label></b><br />
							The only allowed html tags are $allowedtagshtml
							<br /><br /><b class=\"nonpost\">Add smilies:</b><br />\n";
						  foreach ($smilies as $emote) {
							echo "		<a href=\"#post\" onclick=\"smilie(' [$emote] '); return false;\"><img border=\"0\" src=\"_images/smilies/$emote.gif\" alt=\"$emote\" /></a>&nbsp; \n";
						  }
						  echo "	</p>
						<textarea name=\"comments\" id=\"comments\" cols=\"52\" rows=\"8\">$comments</textarea><br /><br />
						<input type=\"hidden\" name=\"id\" value=\"$_GET[id]\" />
						<input type=\"hidden\" name=\"topicid\" value=\"$topicid\" />
						<input type=\"image\" class=\"clear\" src=\"_images/form_submit.gif\" />
					</form>\n";
						}
					  }
					}
					else {
					  echo "<p><b class=\"nonpost\">You are not authorised to view this page.</b></p>\n<p>Please <a href=\"javascript:history.go(-1)\">go back</a> and try again.</p>\n";
					}
					require_once("footers.php");
					?>
			
			</div>
			<div id="leftcol" >
			
				<?PHP include_once("../layout/left_column.php"); ?>
		
			</div>
			
		</div>
		
		<div id="footer" >
		
			<?PHP include_once("../layout/footer.html"); ?>
			
		</div>
</div>
</body>
</html>